$ rpki-client -vvf rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/A257A95EA9DC11E9AA03780DC4F9AE02.roa File: A257A95EA9DC11E9AA03780DC4F9AE02.roa (raw, json) Hash identifier: 42CVSUWYduLQVb9MG+B2vLMlfp0/6VbB2Jlt8i5PPHo= Subject key identifier: 61:E0:6B:09:82:33:B7:E7:96:0A:2A:C9:E5:94:72:32:8A:D3:61:CD Certificate issuer: /CN=A91C77BD/serialNumber=A3EB7C435063BC54D3573D81DBDC1873987663E0 Certificate serial: 2204 Authority key identifier: A3:EB:7C:43:50:63:BC:54:D3:57:3D:81:DB:DC:18:73:98:76:63:E0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/A257A95EA9DC11E9AA03780DC4F9AE02.roa Signing time: Sun 01 Mar 2026 13:39:50 +0000 ROA not before: Wed 24 Sep 2025 16:04:13 +0000 ROA not after: Tue 01 Dec 2026 00:00:00 +0000 asID: 134707 IP address blocks: 103.196.136.0/22 maxlen: 22 103.196.136.0/24 maxlen: 24 103.196.137.0/24 maxlen: 24 103.196.138.0/24 maxlen: 24 103.196.139.0/24 maxlen: 24 203.189.116.0/22 maxlen: 22 203.189.116.0/24 maxlen: 24 203.189.117.0/24 maxlen: 24 203.189.118.0/24 maxlen: 24 203.189.119.0/24 maxlen: 24 223.25.60.0/22 maxlen: 22 223.25.60.0/24 maxlen: 24 223.25.61.0/24 maxlen: 24 223.25.62.0/24 maxlen: 24 223.25.63.0/24 maxlen: 24 2404:3380::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.crl rsync://rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Mar 2026 02:06:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8708 (0x2204) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C77BD, serialNumber=A3EB7C435063BC54D3573D81DBDC1873987663E0 Validity Not Before: Sep 24 16:04:13 2025 GMT Not After : Dec 1 00:00:00 2026 GMT Subject: CN=69a441a6-679b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:4c:67:92:2e:93:61:35:d7:9f:f8:3f:05:2b: 57:c0:b2:91:c2:44:26:d5:e0:a5:19:74:fa:ac:0b: 7a:8c:09:31:e8:74:77:eb:8b:49:0d:d5:79:1a:82: d6:5c:9e:ee:09:a1:57:4f:d1:c2:2d:71:8b:04:fb: 74:9c:06:9e:d7:93:a9:8e:e7:03:32:5b:eb:df:fb: 8d:fc:70:bc:95:65:bf:67:ca:ae:3e:eb:b8:6c:66: af:28:23:e8:ce:50:00:a5:1e:37:5d:04:16:26:9b: 8e:c6:ce:54:bf:c9:d1:eb:07:d5:d4:ba:4b:0e:71: dd:ef:49:4d:33:81:b0:e3:f8:bf:e3:71:54:71:27: a6:37:d4:2a:a9:fb:10:8a:70:22:bc:05:e4:44:49: 9c:6c:2d:d0:93:6d:7b:b3:d7:70:fd:82:7d:ff:b4: e5:dd:67:a4:17:96:0b:a4:70:16:c7:43:b7:7b:82: b1:78:a3:62:02:c9:8b:55:d4:66:96:6f:c5:da:53: 5a:05:8f:85:7b:7a:80:da:ca:10:a4:f0:a2:72:9d: e4:70:04:de:84:63:57:b3:51:01:23:ad:2f:10:6c: 5e:fc:fa:ac:98:34:71:f3:11:ec:e2:e6:d1:81:cd: 8d:72:bc:82:79:e1:11:23:e1:30:e8:af:a7:bb:32: f3:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:E0:6B:09:82:33:B7:E7:96:0A:2A:C9:E5:94:72:32:8A:D3:61:CD X509v3 Authority Key Identifier: keyid:A3:EB:7C:43:50:63:BC:54:D3:57:3D:81:DB:DC:18:73:98:76:63:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o-t8Q1BjvFTTVz2B29wYc5h2Y-A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C77BD/38937198DF4011E58232734AC4F9AE02/A257A95EA9DC11E9AA03780DC4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.196.136.0/22 203.189.116.0/22 223.25.60.0/22 IPv6: 2404:3380::/32 Signature Algorithm: sha256WithRSAEncryption e6:13:d3:59:a7:c1:28:53:49:1e:51:e2:67:9f:80:55:0f:9d: 14:f4:95:1c:a7:d2:93:7d:13:bc:66:0f:25:bd:45:13:e8:68: bd:0d:62:84:09:b0:e7:df:f3:9e:f3:1f:1f:46:a9:9e:fd:ce: 89:68:2c:99:04:5f:a5:23:37:1c:5e:5f:bf:d1:00:73:c4:68: 33:8f:76:f2:68:ca:69:d3:ef:51:49:91:8f:77:7e:1a:ce:a5: 84:e1:2d:74:14:21:96:e7:98:73:38:79:86:4d:3a:6d:c5:7a: 71:c8:02:ea:0e:99:44:9d:28:8c:36:83:20:07:8d:6b:9c:5b: c2:16:4c:8d:7f:2f:76:93:c9:61:fa:b1:59:14:20:f4:80:4c: f2:18:b6:07:9b:8f:eb:ab:b9:3d:4d:48:05:07:cb:b8:8b:e1: 80:ec:16:d4:fb:34:98:72:fa:c0:c2:63:05:14:0e:69:c9:58: 95:98:a7:da:c5:d5:1f:de:6c:11:b7:fc:29:a4:96:dc:4f:6e: 82:a2:ce:d3:bd:8f:18:95:61:24:2d:c8:49:3c:24:20:91:39: 6f:d0:19:6a:9e:33:36:01:ea:38:78:8d:a5:87:fe:9e:35:d3: 83:3c:23:bc:5e:fc:fa:cb:48:bb:a1:c9:c6:1c:80:f4:ca:55: de:b1:87:08 -----BEGIN CERTIFICATE----- MIIFVzCCBD+gAwIBAgICIgQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzc3QkQxMTAvBgNVBAUTKEEzRUI3QzQzNTA2M0JDNTREMzU3M0Q4MURCREMxODcz OTg3NjYzRTAwHhcNMjUwOTI0MTYwNDEzWhcNMjYxMjAxMDAwMDAwWjAYMRYwFAYD VQQDEw02OWE0NDFhNi02NzliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArUxnki6TYTXXn/g/BStXwLKRwkQm1eClGXT6rAt6jAkx6HR364tJDdV5GoLW XJ7uCaFXT9HCLXGLBPt0nAae15OpjucDMlvr3/uN/HC8lWW/Z8quPuu4bGavKCPo zlAApR43XQQWJpuOxs5Uv8nR6wfV1LpLDnHd70lNM4Gw4/i/43FUcSemN9QqqfsQ inAivAXkREmcbC3Qk217s9dw/YJ9/7Tl3WekF5YLpHAWx0O3e4KxeKNiAsmLVdRm lm/F2lNaBY+Fe3qA2soQpPCicp3kcATehGNXs1EBI60vEGxe/PqsmDRx8xHs4ubR gc2NcryCeeERI+Ew6K+nuzLzAQIDAQABo4ICezCCAncwHQYDVR0OBBYEFGHgawmC M7fnlgoqyeWUcjKK02HNMB8GA1UdIwQYMBaAFKPrfENQY7xU01c9gdvcGHOYdmPg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzdCRC8zODkzNzE5OERG NDAxMUU1ODIzMjczNEFDNEY5QUUwMi9vLXQ4UTFCanZGVFRWejJCMjl3WWM1aDJZ LUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL28tdDhRMUJqdkZUVFZ6MkIyOXdZYzVoMlktQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx Qzc3QkQvMzg5MzcxOThERjQwMTFFNTgyMzI3MzRBQzRGOUFFMDIvQTI1N0E5NUVB OURDMTFFOUFBMDM3ODBEQzRGOUFFMDIucm9hMDoGCCsGAQUFBwEHAQH/BCswKTAY BAIAATASAwQCZ8SIAwQCy710AwQC3xk8MA0EAgACMAcDBQAkBDOAMA0GCSqGSIb3 DQEBCwUAA4IBAQDmE9NZp8EoU0keUeJnn4BVD50U9JUcp9KTfRO8Zg8lvUUT6Gi9 DWKECbDn3/Oe8x8fRqme/c6JaCyZBF+lIzccXl+/0QBzxGgzj3byaMpp0+9RSZGP d34azqWE4S10FCGW55hzOHmGTTptxXpxyALqDplEnSiMNoMgB41rnFvCFkyNfy92 k8lh+rFZFCD0gEzyGLYHm4/rq7k9TUgFB8u4i+GA7BbU+zSYcvrAwmMFFA5pyViV mKfaxdUf3mwRt/wppJbcT26Cos7TvY8YlWEkLchJPCQgkTlv0BlqnjM2Aeo4eI2l h/6eNdODPCO8Xvz6y0i7ocnGHID0ylXesYcI -----END CERTIFICATE-----Generated at Mon Mar 2 16:12:38 2026 by rpki-client